Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa
File: xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa (raw, json)
Hash identifier: 7evtOJQCPXqekbIigyPzPGbzquzgJixLY3c438GOL/g=
Subject key identifier: C4:9D:3F:15:18:3A:12:99:52:FA:6C:E8:0D:B6:2F:3F:5C:BF:99:4C
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0194266B0EE3D33CDD90CE5404F6BC4CBC3D
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40065
IP address blocks: 2.56.255.0/24 maxlen: 24
2.59.151.0/24 maxlen: 24
5.181.219.0/24 maxlen: 24
31.40.214.0/24 maxlen: 24
45.12.88.0/24 maxlen: 24
45.12.90.0/24 maxlen: 24
45.67.223.0/24 maxlen: 24
185.183.84.0/24 maxlen: 24
185.186.146.0/23 maxlen: 23
185.194.148.0/24 maxlen: 24
185.201.226.0/24 maxlen: 24
185.201.227.0/24 maxlen: 24
185.238.248.0/24 maxlen: 24
185.238.250.0/24 maxlen: 24
193.9.44.0/24 maxlen: 24
193.9.46.0/24 maxlen: 24
193.22.152.0/24 maxlen: 24
212.103.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0e:e3:d3:3c:dd:90:ce:54:04:f6:bc:4c:bc:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c49d3f15183a129952fa6ce80db62f3f5cbf994c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8a:20:45:f4:84:18:d6:d2:af:7b:10:42:da:
44:07:ae:08:5b:3d:92:9b:3a:05:e9:8c:ba:9f:87:
5e:b9:69:85:fd:8b:45:7d:66:0c:2a:35:64:66:de:
0c:0e:5f:ca:69:d0:8d:44:5b:5c:0b:4e:be:02:88:
03:f3:2a:f2:a1:12:62:a6:94:93:f1:de:54:c5:b7:
4e:d7:81:44:42:df:ce:ad:e1:fd:18:98:ec:08:b0:
c6:42:54:08:71:2d:2d:3b:37:56:2d:82:4f:9b:ed:
96:3d:3b:63:fe:e5:fd:3d:93:2d:c6:96:a3:6b:b5:
ee:f7:0a:93:5e:fa:bb:0a:bf:6c:4a:47:b1:1e:6d:
c9:e7:c7:85:b7:40:5b:69:68:cb:05:6b:fc:16:80:
00:3e:3e:6f:8b:74:d2:5c:77:59:55:78:2b:9b:4d:
99:1c:4f:27:1d:bf:2e:54:6c:dc:1a:f5:06:fe:84:
61:6c:cb:51:12:7b:d2:38:6b:51:54:3e:f8:8d:41:
db:42:b4:3f:db:97:75:c8:41:02:10:49:f0:c9:2e:
81:78:8a:cd:9a:85:01:d3:f1:ed:32:8b:61:74:61:
3a:b4:76:45:38:3d:4d:93:f1:39:05:37:4a:9a:29:
db:3d:c7:85:ff:a3:c5:23:7b:c5:15:d6:a7:e6:71:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:9D:3F:15:18:3A:12:99:52:FA:6C:E8:0D:B6:2F:3F:5C:BF:99:4C
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/xJ0_FRg6EplS-mzoDbYvP1y_mUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.255.0/24
2.59.151.0/24
5.181.219.0/24
31.40.214.0/24
45.12.88.0/24
45.12.90.0/24
45.67.223.0/24
185.183.84.0/24
185.186.146.0/23
185.194.148.0/24
185.201.226.0/23
185.238.248.0/24
185.238.250.0/24
193.9.44.0/24
193.9.46.0/24
193.22.152.0/24
212.103.62.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:7d:35:bb:6b:97:01:09:1a:90:04:84:0f:c7:19:38:81:84:
9c:4c:92:b5:36:21:7c:30:6f:47:fb:c9:c0:1b:78:0c:be:3d:
94:89:9c:60:3c:c0:69:7a:d6:ad:f7:30:23:2f:e2:42:98:f3:
67:59:ab:d3:dd:52:86:37:da:54:4c:1c:c2:2b:7c:ff:9d:56:
49:5c:d1:21:86:64:fb:18:12:ee:c0:35:ae:ae:bd:00:47:49:
6c:b0:f7:19:55:f0:79:13:e5:9b:64:5f:d1:8e:b7:7b:2e:06:
ee:d9:dd:80:2d:35:9b:24:14:88:e0:7e:cc:10:e9:a5:c2:72:
a7:2c:12:31:3a:f2:4f:1e:26:75:0f:ed:74:bd:de:87:11:18:
5c:24:48:98:3c:75:38:e0:7a:51:9a:03:55:58:a9:33:dc:22:
a6:55:6c:b3:1a:01:0b:39:66:8f:bf:35:4f:99:2c:57:0d:a2:
d7:9c:cd:f8:72:1a:f3:74:02:66:8a:ff:0f:79:57:ba:a2:33:
e7:b9:33:f0:6f:0a:bd:2d:ea:ee:5c:31:66:93:50:92:33:f8:
80:81:26:5e:6f:9e:44:91:45:12:0c:e2:d8:49:6a:e8:fb:83:
2b:9b:e9:5d:a3:3b:2c:10:ef:14:68:7a:c7:c5:b3:e7:35:07:
96:47:e6:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQmaw7j0zzdkM5UBPa8TLw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDlkM2YxNTE4M2ExMjk5NTJmYTZjZTgwZGI2MmYzZjVjYmY5OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoogRfSEGNbSr3sQQtpEB64IWz2S
mzoF6Yy6n4deuWmF/YtFfWYMKjVkZt4MDl/KadCNRFtcC06+AogD8yryoRJippST
8d5UxbdO14FEQt/OreH9GJjsCLDGQlQIcS0tOzdWLYJPm+2WPTtj/uX9PZMtxpaj
a7Xu9wqTXvq7Cr9sSkexHm3J58eFt0BbaWjLBWv8FoAAPj5vi3TSXHdZVXgrm02Z
HE8nHb8uVGzcGvUG/oRhbMtREnvSOGtRVD74jUHbQrQ/25d1yEECEEnwyS6BeIrN
moUB0/HtMothdGE6tHZFOD1Nk/E5BTdKminbPceF/6PFI3vFFdan5nGffwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMSdPxUYOhKZUvps6A22Lz9cv5lMMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEveEowX0ZSZzZFcGxTLW16b0RiWXZQMXlfbVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAAjj/AwQA
AjuXAwQABbXbAwQAHyjWAwQALQxYAwQALQxaAwQALUPfAwQAubdUAwQBubqSAwQA
ucKUAwQBucniAwQAue74AwQAue76AwQAwQksAwQAwQkuAwQAwRaYAwQA1Gc+MA0G
CSqGSIb3DQEBCwUAA4IBAQBafTW7a5cBCRqQBIQPxxk4gYScTJK1NiF8MG9H+8nA
G3gMvj2UiZxgPMBpetat9zAjL+JCmPNnWavT3VKGN9pUTBzCK3z/nVZJXNEhhmT7
GBLuwDWurr0AR0lssPcZVfB5E+WbZF/Rjrd7Lgbu2d2ALTWbJBSI4H7MEOmlwnKn
LBIxOvJPHiZ1D+10vd6HERhcJEiYPHU44HpRmgNVWKkz3CKmVWyzGgELOWaPvzVP
mSxXDaLXnM34chrzdAJmiv8PeVe6ojPnuTPwbwq9LeruXDFmk1CSM/iAgSZeb55E
kUUSDOLYSWro+4Mrm+ldozssEO8UaHrHxbPnNQeWR+av
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:44:17 2025 by rpki-client